Don't leak the per-request preauth context

Currently, per-request preauth module data is only cleared when we
successfully obtain initial credentials.  Make sure to clear it at the
end of the operation even if we failed to get creds.

[ghudson@mit.edu: expanded commit message]

ticket: 7793
target_version: 1.12.2
tags: pullup

diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c
index ebd28440d63697eb27ec71030fc2dbadf7817fd7..ebcb36213f59d0f20ae67bb8f18ace128a4d6340 100644 (file)
--- a/src/lib/krb5/krb/get_in_tkt.c
+++ b/src/lib/krb5/krb/get_in_tkt.c
@@ -488,6 +488,7 @@ krb5_init_creds_free(krb5_context context,
     k5_response_items_free(ctx->rctx.items);
     free(ctx->in_tkt_service);
     zapfree(ctx->gakpw.storage.data, ctx->gakpw.storage.length);
+    k5_preauth_request_context_fini(context);
     krb5_free_error(context, ctx->err_reply);
     krb5_free_pa_data(context, ctx->err_padata);
     krb5_free_cred_contents(context, &ctx->cred);